Hi. On Sun, Feb 02, 2020 at 07:56:48AM +1100, Keith Bainbridge wrote: > Details can be found in the upstream advisory at > https://www.sudo.ws/alerts/pwfeedback.html . It worth noting that to exploit CVE-2019-18634 in Debian one has to configure sudoers a very specific way. > For the stable distribution (buster), exploitation of the bug is > prevented due to a change in EOF handling introduced in 1.8.26. In another words, stable users are not affected. Reco